Once you have a firewall in place, you
should test it. A great way to do this is to go to and
try their free Test My Shields!
and Probe My Ports! security
tests. You will get immediate feedback on just how secure
your system is!
What
a Firewall Protects You From
There are many creative ways that unscrupulous people use
to access or abuse unprotected computers:
Remote login - When someone is able to connect to
your computer and control it in some form. This can range
from being able to view or access your files to actually running
programs on your computer.
Application backdoors - Some programs have special
features that allow for remote access. Others contain bugs
that provide a backdoor, or hidden access, that provides some
level of control of the program.
SMTP session hijacking - SMTP is the most common method
of sending e-mail over the Internet. By gaining access to
a list of e-mail addresses, a person can send unsolicited
junk e-mail (spam) to thousands of users. This is done quite
often by redirecting the e-mail through the SMTP server of
an unsuspecting host, making the actual sender of the spam
difficult to trace.
Operating system bugs - Like applications, some operating
systems have backdoors. Others provide remote access with
insufficient security controls or have bugs that an experienced
hacker can take advantage of.
Denial of service - You have probably heard this phrase
used in news reports on the attacks on major Web sites. This
type of attack is nearly impossible to counter. What happens
is that the hacker sends a request to the server to connect
to it. When the server responds with an acknowledgment and
tries to establish a session, it cannot find the system that
made the request. By inundating a server with these unanswerable
session requests, a hacker causes the server to slow to a
crawl or eventually crash.
E-mail bombs - An e-mail bomb is usually a personal
attack. Someone sends you the same e-mail hundreds or thousands
of times until your e-mail system cannot accept any more messages.
Macros - To simplify complicated procedures, many
applications allow you to create a script of commands that
the application can run. This script is known as a macro.
Hackers have taken advantage of this to create their own macros
that, depending on the application, can destroy your data
or crash your computer.
Viruses - Probably the most well-known threat is computer
viruses. A virus is a small program that can copy itself to
other computers. This way it can spread quickly from one system
to the next. Viruses range from harmless messages to erasing
all of your data.
Spam - Typically harmless but always annoying, spam
is the electronic equivalent of junk mail. Spam can be dangerous
though. Quite often it contains links to Web sites. Be careful
of clicking on these because you may accidentally accept a
cookie that provides a backdoor to your computer.
Redirect bombs - Hackers can use ICMP to change (redirect)
the path information takes by sending it to a different router.
This is one of the ways that a denial of service attack is
set up.
Source routing - In most cases, the path a packet
travels over the Internet (or any other network) is determined
by the routers along that path. But the source providing the
packet can arbitrarily specify the route that the packet should
travel. Hackers sometimes take advantage of this to make information
appear to come from a trusted source or even from inside the
network! Most firewall products disable source routing by
default.
Some of the items in the list above are hard, if not impossible,
to filter using a firewall. While some firewalls offer virus
protection, it is worth the investment to install anti-virus
software on each computer. And, even though it is annoying,
some spam is going to get through your firewall as long as
you accept e-mail.
The level of security you establish will determine how many
of these threats can be stopped by your firewall. The highest
level of security would be to simply block everything. Obviously
that defeats the purpose of having an Internet connection.
But a common rule of thumb is to block everything, then begin
to select what types of traffic you will allow. You can also
restrict traffic that travels through the firewall so that
only certain types of information, such as e-mail, can get
through. This is a good rule for businesses that have an experienced
network administrator that understands what the needs are
and knows exactly what traffic to allow through. For most
of us, it is probably better to work with the defaults provided
by the firewall developer unless there is a specific reason
to change it.
One of the best things about a firewall from a security standpoint
is that it stops anyone on the outside from logging onto a
computer in your private network. While this is a big deal
for businesses, most home networks will probably not be threatened
in this manner. Still, putting a firewall in place provides
some peace of mind.
Proxy
Servers and DMZ
A function that is often combined with a firewall is a proxy
server. The proxy server is used to access Web pages by the
other computers. When another computer requests a Web page,
it is retrieved by the proxy server and then sent to the requesting
computer. The net effect of this action is that the remote
computer hosting the Web page never comes into direct contact
with anything on your home network, other than the proxy server.
Proxy servers can also make your Internet access work more
efficiently. If you access a page on a Web site, it is cached
(stored) on the proxy server. This means that the next time
you go back to that page, it normally doesn't have to load
again from the Web site. Instead it loads instantaneously
from the proxy server.
There are times that you may want remote users to have access
to items on your network. Some examples are:
- Web site
- Online business
- FTP download and upload area
In cases like this, you may want to create a DMZ (Demilitarized
Zone). Although this sounds pretty serious, it really is just
an area that is outside the firewall. Think of DMZ as the
front yard of your house. It belongs to you and you may put
some things there, but you would put anything valuable inside
the house where it can be properly secured.
Setting up a DMZ is very easy. If you have multiple computers,
you can choose to simply place one of the computers between
the Internet connection and the firewall. Most of the software
firewalls available will allow you to designate a directory
on the gateway computer as a DMZ.
Once you have a firewall in
place, you should test it. A great way to do this is to go
to
and try their free Test My Shields!
and Probe My Ports! security
tests. You will get immediate feedback on just how secure
your system is!
|